Pass the Fortinet NSE 6 Network Security Specialist NSE6_FWB-6.4 Questions and answers with CertsForce

Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions
Questions # 1:

The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.

Which two functions does the first layer perform? (Choose two.)

Options:

A. Determines whether an anomaly is a real attack or just a benign anomaly that should be ignored
B. Builds a threat model behind every parameter and HTTP method
C. Determines if a detected threat is a false-positive or not
D. Determines whether traffic is an anomaly, based on observed application traffic over time


Questions # 2:

Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

Options:

A. Offline Protection
B. Transparent Inspection
C. True Transparent Proxy
D. Reverse-Proxy


Questions # 3:

Refer to the exhibit.

There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

Options:

A. Delete the built-in administrator user and create a new one.
B. Configure IPv4 Trusted Host # 3 with a specific IP address.
C. The configuration changes must be made on the upstream device.
D. Change the Access Profile to Read_Only.


Questions # 4:

Refer to the exhibits.

FortiWeb is configured in reverse proxy mode and it is deployed downstream to FortiGate. Based on the configuration shown in the exhibits, which of the following statements is true?

Options:

A. FortiGate should forward web traffic to the server pool IP addresses.
B. The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.
C. You must disable the Preserve Client IP setting on FortiGate for this configuration to work.
D. FortiGate should forward web traffic to the virtual server IP address.


Questions # 5:

What capability can FortiWeb add to your Web App that your Web App may or may not already have?

Options:

A. Automatic backup and recovery
B. High Availability
C. HTTP/HTML Form Authentication
D. SSL Inspection


Questions # 6:

Which is true about HTTPS on FortiWeb? (Choose three.)

Options:

A. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
B. After enabling HSTS, redirects to HTTPS are no longer necessary.
C. In true transparent mode, the TLS session terminator is a protected web server.
D. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
E. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.


Questions # 7:

Refer to the exhibit.

Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)

Options:

A. Traffic that passes between port5 and port6 will be inspected.
B. Traffic will be interrupted between port3 and port4.
C. All traffic will be interrupted.
D. Traffic will pass between port5 and port6 uninspected.


Questions # 8:

What key factor must be considered when setting brute force rate limiting and blocking?

Options:

A. A single client contacting multiple resources
B. Multiple clients sharing a single Internet connection
C. Multiple clients from geographically diverse locations
D. Multiple clients connecting to multiple resources


Questions # 9:

What must you do with your FortiWeb logs to ensure PCI DSS compliance?

Options:

A. Store in an off-site location
B. Erase them every two weeks
C. Enable masking of sensitive data
D. Compress them into a .zip file format


Questions # 10:

You’ve configured an authentication rule with delegation enabled on FortiWeb.

What happens when a user tries to access the web application?

Options:

A. FortiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
B. FortiWeb redirects the user to the web app’s authentication page
C. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
D. FortiWeb replies with an HTTP challenge on behalf of the server, then if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app

